Privacy and Personal Data Protection Policy

Controller: Rayls Group

Postal address: 103 South Church Street, P.O. Box 472, George Town, Grand Cayman KY1-1106, Cayman Islands

E-mail: info@rayls.com

Introduction

This Policy explains data processing, storage, and usage when using the "Landing Page" at www.rayls.com and the infrastructure available only to registered individuals. We recommend careful reading of this document.

Some provisions apply exclusively to the infrastructure or Landing Page respectively. The Landing Page collects personal data only through contact forms and newsletter subscriptions. Third-party website links may allow external data collection; Rayls disclaims responsibility for external privacy statements.

Key Concepts

  • Competent Authority: Entity responsible for ensuring, implementing and enforcing data protection laws in its jurisdiction.
  • Controller: Entity determining purposes and means of personal data processing; Rayls makes primary decisions regarding data handling.
  • Personal Data: Information relating to identified or identifiable natural persons.
  • Sensitive Personal Data: Data concerning racial or ethnic origin, religious beliefs, political opinions, trade union membership, health, sexual orientation, genetic data, or identifying biometric data.
  • Data Subject(s): Natural persons whose data undergoes processing, including website users and customers.
  • Processing: Any operation carried out with your Personal Data, whether or not by automated means.
  • International Data Transfer: Personal data movement to jurisdictions outside the European Economic Area or UK.

Personal Data Types Processed

Identification Data

  • Full name
  • Customer ID
  • Verification data
  • Last access information
  • Username or similar identifiers
  • Banking data (account identification numbers, financial identifiers)

Employer Details

Information related to represented companies.

Technical Data

  • Internet protocol addresses
  • Login information
  • Browser type and version
  • Time zone settings and location
  • Browser plug-in information
  • Operating system details
  • Device technologies for website access

Marketing and Communications Data

Preferences for marketing from Rayls and third parties, plus communication preferences.

Note: Email provision is required for contract execution and legal obligation fulfillment. Failure to provide essential information prevents service provision. The organization does not request or process sensitive personal data regarding religious beliefs, political opinions, or sexual orientation.

Data Collection Methods

  • Direct Interactions: Personal data provision through forms, post, phone, email, or other communication channels, including service contracts or post subscriptions, marketing notification requests, reporting channel contacts, and support requests or feedback submissions.
  • Automated Technologies: Technical data collection through website engagement via cookies, server logs, and similar technologies.
  • Third-Party Sources: Data collection through client companies, business partners, suppliers, service providers, or corporate group entities.
  • User Responsibility: Users vouch for personal data veracity and accuracy. Rayls disclaims liability for false, inaccurate, or omitted information; users bear responsibility for accurate provision and timely updates.

Processing Purposes and Lawful Basis

Contract Execution or Pre-Contractual Steps

  • New customer registration
  • Product processing and delivery
  • Relationship management, request replies, suggestion/complaint handling, customer service and support provision

Legal or Regulatory Compliance

  • Security risk evaluation and monitoring for website and infrastructure
  • New security tool development and improvement
  • Anti-money laundering and anti-terrorist financing guideline compliance
  • Required legal and regulatory obligation fulfillment

Consent-Based Processing

  • Newsletter activity information transmission
  • Product demonstration provision

Legitimate Interests

Processing necessary data to fulfill organizational or third-party legitimate interests. Prior analysis ensures data subject rights and interests don't prevail over such interests. Contact Rayls for balancing exercise details.

Data Sharing Practices

Personal data may be shared with Rayls Group companies, service providers, business partners, suppliers, public administration bodies, and entities for product provision and operation, contract/judicial/administrative/arbitration protection, and legal/regulatory obligation compliance.

Business partners, service providers, and suppliers must process personal data according to applicable protection laws. Rayls prohibits their independent data use; they may process only per instructions for specific purposes.

International Data Transfers

Operations may involve international personal data transfers. Appropriate protection is ensured through adequacy decisions (transfers only to countries deemed providing adequate protection) and contractual safeguards (European Commission-approved standard contractual clauses, UK international data transfer agreements, UK addendum to EU standard contractual clauses). Contact Rayls for international transfer details.

Automatic Collection and Cookies

Rayls may use cookies enabling effective browsing, preference storage, and user experience improvement. Cookie policy details are available in the Cookie Policy document.

Security Measures

Information security priority involves personal data protection preventing unauthorized access incidents. Adopted technical and administrative measures include login and password access controls, data encryption methods, access log storage, and data backups. Security procedures receive regular optimization as new techniques emerge.

Users should secure personal devices through antivirus and firewall software, current operating system/browser/software versions, and password non-sharing with third parties.

Data Retention Periods

Personal data storage continues for performing legitimate purposes. Upon purpose fulfillment, data becomes anonymized or deleted. Users may object to processing or request deletion. Rayls analyzes requests and, if justified, deletes data from databases. Consent revocation triggers automatic deletion.

Data retention may be necessary for Rayls' interest protection in proceedings and applicable law retention periods (tax laws, money laundering and terrorist financing prevention/combat regulations).

Data Subject Rights

  • Right to Access: Confirmation whether personal data undergoes processing, with access to information regarding the data and processing activities, including copy rights.
  • Right to Rectification: Incomplete, incorrect, or outdated data correction rights.
  • Right to Erasure ("Right to Be Forgotten"): Under certain applicable law conditions, deletion request rights exist (for example, illicit processing or fulfilled purpose data). Rayls may retain data when valid grounds exist (legal obligation compliance or legal proceeding defense).
  • Right to Portability: Rights to receive provided personal data in structured, commonly-used, machine-readable formats, with transmission rights to other data controllers in some cases.
  • Right to Processing Restriction: Restrictions possible when personal data accuracy is contested during verification periods, processing is unlawful and erasure is opposed, Rayls no longer requires data but the individual requires it for legal proceeding defense, or processing opposition during evaluation periods.
  • Consent Withdrawal: Right to withdraw data processing consent at any time.
  • Objection Right: Right to oppose processing based on Rayls or third-party legitimate interests. Legally justified refusal circumstances may exist.

Contact Rayls through website channels to exercise rights. Responses occur within one month; complex cases may require two months.

Right to lodge complaints with competent authorities: EU Supervisory Authorities or UK Information Commissioner's Office.

Contact Information

For questions or further information, contact us at privacy@rayls.com.

Policy Updates

This Privacy Policy undergoes updates upon personal data processing changes. Regular review is recommended to remain informed of modifications.